I realize this is an abstract question but at this point I don't know what I don't know so bear with me.
Here is my situation: I have just been asked to make SCOM 2007 "work". I have SCOM 2007 installed with SQL 2008 in a Server 2008 R2 domain of approximately 400 users and 300 clients.
I have an upcoming network vulnerability test coming up and I have no prior experience with SCOM. I'm a server guy, I've just never had any experience with SCOM.
I'm ultimately trying to prevent phishing attacks, spoofing, brute force attacks on user accounts and general data exfiltration. Just by reading through some documentation, I think at best SCOM is only going to notify me that some of these things are happening and not actually prevent them, and that's OK. After I got it installed and downloaded some management packs, I realized the vast amount of information that SCOM is capable of giving me is overwhelming.
I really just need to know what information I need, and what do I need to configure to help mitigate some of the things I mentioned above?
Thanks in advance for your advice.